277 matches found
DEBIAN-CVE-2026-53305
In the Linux kernel, the following vulnerability has been resolved: usb: typec: ps883x: Fix Oops at unbind When trying to unbind a device in order to bind to it vfio-platform as: echo bc0000.geniqup /sys/bus/platform/devices/bc0000.geniqup/driver/unbind I get the following Oops: 436.478639 Unable...
DEBIAN-CVE-2026-53297
In the Linux kernel, the following vulnerability has been resolved: net: mana: Guard manaremove against double invocation If PM resume fails e.g., manaattach returns an error, manaprobe calls manaremove, which tears down the device and sets gd-gdmacontext = NULL and gd-driverdata = NULL. However,...
UBUNTU-CVE-2026-53305
In the Linux kernel, the following vulnerability has been resolved: usb: typec: ps883x: Fix Oops at unbind When trying to unbind a device in order to bind to it vfio-platform as: echo bc0000.geniqup /sys/bus/platform/devices/bc0000.geniqup/driver/unbind I get the following Oops: 436.478639 Unable...
UBUNTU-CVE-2026-53297
In the Linux kernel, the following vulnerability has been resolved: net: mana: Guard manaremove against double invocation If PM resume fails e.g., manaattach returns an error, manaprobe calls manaremove, which tears down the device and sets gd-gdmacontext = NULL and gd-driverdata = NULL. However,...
PT-2026-52936
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the mana remove function where a double invocation can lead to a kernel panic. This occurs when a Power Management PM resume fails, causing mana probe to call mana remov...
CVE-2026-53158
In the Linux kernel, the following vulnerability has been resolved: misc: fastrpc: Fix NULL pointer dereference in rpmsg callback A NULL pointer dereference was observed on Hawi at boot when the DSP sends a glink message before fastrpcrpmsgprobe has completed initialization: Unable to handle kern...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: um: vector: Do not use drvdata in release. The drvdata is not available in the release version. Let’s simply use containerof to obtain the vectordevice instance. Otherwise, removing a vector device will result in a crash. RIP:...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: btmtksdio: Fixed a kernel oops in btmtksdiointerrupt. Fixed the following kernel oops in btmtksdiointerrrupt: 14.339134 btmtksdiointerrupt+0x28/0x54 14.339139 processsdiopendingirqs+0x68/0x1a0 14.339144...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: drm/gma500: Fixed the null dereference in the HDMI teardown process. The pcisetdrvdata function sets the value of pdev-driverdata to NULL. After that, the driverdata obtained from the same device is dereferenced in...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: soc: qcom: llcc: Handle a second device without data corruption. Usually, there is only one llcc device. But if there were a second one, even a failed probe call would modify the global drvdata pointer. Therefore, check whether...
CVE-2026-45996
In the Linux kernel, the following vulnerability has been resolved: spi: imx: fix use-after-free on unbind The SPI subsystem frees the controller and any subsystem allocated driver data as part of deregistration unless the allocation is device managed. Take another reference before deregistering...
CVE-2026-45996
The CVE-2026-45996 entry concerns a use-after-free in the Linux kernel SPI IMX driver (on unbind/deregistration). The root cause is that upon deregistering the SPI controller, driver data may be freed while still referenced, requiring an extra reference before deregistration to ensure data remain...
CVE-2026-45996 spi: imx: fix use-after-free on unbind
In the Linux kernel, the following vulnerability has been resolved: spi: imx: fix use-after-free on unbind The SPI subsystem frees the controller and any subsystem allocated driver data as part of deregistration unless the allocation is device managed. Take another reference before deregistering...
CVE-2026-45956 drm/exynos: vidi: use priv->vidi_dev for ctx lookup in vidi_connection_ioctl()
In the Linux kernel, the following vulnerability has been resolved: drm/exynos: vidi: use priv-vididev for ctx lookup in vidiconnectionioctl vidiconnectionioctl retrieves the driverdata from drmdev-dev to obtain a struct vidicontext pointer. However, drmdev-dev is the exynos-drm master device, an...
CVE-2026-45956
The CVE-2026-45956 entry concerns the Linux kernel DRM Exynos driver (vidi) where vidi_connection_ioctl() incorrectly reads driver_data from drm_dev->dev, which points to the exynos-drm master device rather than the vidi component device. This mismatch can trigger null pointer dereferences, ga...
PT-2026-43863
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free issue exists in the SPI subsystem of the Linux kernel. The subsystem frees the controller and any allocated driver data during deregistration, unless the allocation is...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the use of driverdata from drmdev in the exynos-drm driver. This improper use can lead to null...
PT-2026-43781
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A race condition exists in the ibmpex driver. The issue occurs because driver data is set to NULL before sensor attributes are removed. The function ibmpex show sensor retrieves this...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: ptp: vmclock: Set the driver data before it is used. If vmclockptpregister fails during probing, vmclockremove is called to clean up the ptp clock and miscellaneous devices. This function uses devgetdrvdata to access the vmclock...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: i40e: Fixed a kernel crash during reboot when the adapter is in recovery mode. If the driver detects that the firmware is in recovery mode during the probe, the i40einitrecoverymode function is called, and the rest of the prob...